Microsoft: Patch Server Vulnerability to Combat New Attacks

Microsoft has reiterated its recommendation that companies deploy the patch to correct a flaw affecting the Windows Server service that was fixed last October.

The latest attacks are coming courtesy of a new variant of the Conficker worm, identified by Microsoft as Win32/Conficker.B. According to Microsoft, the variant is hitting computers that have not applied the fix, while also spreading via network shares by attempting to log in to machines using a list of weak passwords.

The worm exploits a vulnerability caused by the Server service failing to properly handle specifically-crafted RPC (remote procedure call) requests. If an exploit is successful, it could allow an attacker to execute code remotely when file sharing is enabled.

The issue was the subject of a rare out-of-band security patch by Microsoft last October 23rd. As attacks mounted, Microsoft issued a follow-up warning in its Security Response Center blog a month later.

“We encourage all customers to apply our most recent security updates to help ensure that their computers are protected from attempted criminal attacks,” a Microsoft spokesperson said.

The Windows firewall also provides a defense against attacks in a default setting because as it blocks hackers from reaching the RPC interface.

The flaw affects users of Microsoft Windows 2000, Windows XP and Windows Vista, as well as Windows Server 2003 and Server 2008. On Windows 2000, XP and Server 2003, any anonymous user with access to the target network can deliver a specially crafted network packet to exploit the vulnerability. However, on Vista and Server 2008 systems, only an authenticated user with access to the target network can deliver the packet.

“By default, Microsoft Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008 customers will have this update applied automatically through Automatic Updates,” the spokesperson said. “We encourage all customers to apply our most recent security updates to help ensure that their computers are protected from attempted criminal attacks.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

7 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

10 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

11 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

12 hours ago